mirror of
https://github.com/overleaf/overleaf.git
synced 2025-01-27 06:02:47 +00:00
Refuse to process project-ids that look like they come from v1
This commit is contained in:
parent
1312a4d9ba
commit
a517035e2c
6 changed files with 85 additions and 0 deletions
|
@ -18,6 +18,7 @@ import uk.ac.ic.wlgitbridge.util.Util;
|
|||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
|
@ -82,6 +83,23 @@ public class WLRepositoryResolver
|
|||
ServiceNotAuthorizedException,
|
||||
ServiceMayNotContinueException {
|
||||
Log.info("[{}] Request to open git repo", name);
|
||||
// Reject v1 ids, the request will be rejected by v1 anyway
|
||||
if (name.matches("^[0-9]+[bcdfghjklmnpqrstvwxyz]{6,12}$") && !name.matches("^[0-9a-f]{24}$")) {
|
||||
Log.info("[{}] Request for v1 project, refusing", name);
|
||||
throw new ServiceMayNotContinueException(
|
||||
String.join("\n", Arrays.asList(
|
||||
"This project has not yet been moved into the new version",
|
||||
"of Overleaf. You will need to move it in order to continue working on it.",
|
||||
"Please visit this project online on www.overleaf.com to do this.",
|
||||
"",
|
||||
"You can find the new git remote url by selecting \"Git\" from",
|
||||
"the left sidebar in the project view.",
|
||||
"",
|
||||
"If this is unexpected, please contact us at support@overleaf.com, or",
|
||||
"see https://www.overleaf.com/help/342 for more information."
|
||||
))
|
||||
);
|
||||
}
|
||||
Optional<Credential> oauth2 = Optional.ofNullable(
|
||||
(Credential) httpServletRequest.getAttribute(
|
||||
Oauth2Filter.ATTRIBUTE_KEY));
|
||||
|
|
|
@ -126,6 +126,9 @@ public class WLGitBridgeIntegrationTest {
|
|||
put("canCloneAMigratedRepositoryWithoutChanges", new HashMap<String, SnapshotAPIState>() {{
|
||||
put("state", new SnapshotAPIStateBuilder(getResourceAsStream("/canCloneAMigratedRepositoryWithoutChanges/state/state.json")).build());
|
||||
}});
|
||||
put("rejectV1Repository", new HashMap<String, SnapshotAPIState>() {{
|
||||
put("state", new SnapshotAPIStateBuilder(getResourceAsStream("/rejectV1Repository/state/state.json")).build());
|
||||
}});
|
||||
}};
|
||||
|
||||
@Rule
|
||||
|
@ -849,6 +852,22 @@ public class WLGitBridgeIntegrationTest {
|
|||
assertTrue(FileUtil.gitDirectoriesAreEqual(getResource("/canCloneAMigratedRepositoryWithoutChanges/state/testproj_no_change"), testprojDir.toPath()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void rejectV1Repository() throws IOException, GitAPIException, InterruptedException {
|
||||
int gitBridgePort = 33884;
|
||||
int mockServerPort = 3884;
|
||||
MockSnapshotServer server = new MockSnapshotServer(mockServerPort, getResource("/rejectV1Repository").toFile());
|
||||
server.start();
|
||||
server.setState(states.get("rejectV1Repository").get("state"));
|
||||
GitBridgeApp wlgb = new GitBridgeApp(new String[] {
|
||||
makeConfigFile(gitBridgePort, mockServerPort)
|
||||
});
|
||||
wlgb.run();
|
||||
Process gitProcess = runtime.exec("git clone http://127.0.0.1:" + gitBridgePort + "/1234bbccddff.git", null, dir);
|
||||
wlgb.stop();
|
||||
assertNotEquals(0, gitProcess.waitFor());
|
||||
}
|
||||
|
||||
private String makeConfigFile(
|
||||
int port,
|
||||
int apiPort
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
This text is from another file.
|
|
@ -0,0 +1 @@
|
|||
content
|
Binary file not shown.
After Width: | Height: | Size: 10 KiB |
|
@ -0,0 +1,46 @@
|
|||
[
|
||||
{
|
||||
"project": "1234bbccddff",
|
||||
"getDoc": {
|
||||
"versionID": 1,
|
||||
"createdAt": "2014-11-30T18:40:58.123Z",
|
||||
"email": "jdleesmiller+1@gmail.com",
|
||||
"name": "John+1"
|
||||
},
|
||||
"getSavedVers": [
|
||||
{
|
||||
"versionID": 1,
|
||||
"comment": "added more info on doc GET and error details",
|
||||
"email": "jdleesmiller+1@gmail.com",
|
||||
"name": "John+1",
|
||||
"createdAt": "2014-11-30T18:47:01.333Z"
|
||||
}
|
||||
],
|
||||
"getForVers": [
|
||||
{
|
||||
"versionID": 1,
|
||||
"srcs": [
|
||||
{
|
||||
"content": "content\n",
|
||||
"path": "main.tex"
|
||||
},
|
||||
{
|
||||
"content": "This text is from another file.",
|
||||
"path": "foo/bar/test.tex"
|
||||
}
|
||||
],
|
||||
"atts": [
|
||||
{
|
||||
"url": "http://127.0.0.1:3857/state/testproj/min_mean_wait_evm_7_eps_150dpi.png",
|
||||
"path": "min_mean_wait_evm_7_eps_150dpi.png"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"push": "success",
|
||||
"postback": {
|
||||
"type": "success",
|
||||
"versionID": 2
|
||||
}
|
||||
}
|
||||
]
|
Loading…
Reference in a new issue